mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

webui: Disabled editing device notes for non-admin users (#5341)

Browse Source
This commit is contained in:
Neil Lathwood
2017-01-08 13:05:37 +00:00
committed by Søren Rosiak
parent 1e655c4e03
commit 36e1cc82f6
2 changed files with 29 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
html/pages/device/notes.inc.php
View File

@@ -13,6 +13,12 @@
$data = dbFetchRow("SELECT `notes` FROM `devices` WHERE device_id = ?", array(
$device['device_id']
));
$disabled = '';
if (is_admin() === false) {
$disabled = 'disabled';
}
?>
<form class="form-horizontal" action="" method="post">
@@ -20,14 +26,14 @@ $data = dbFetchRow("SELECT `notes` FROM `devices` WHERE device_id = ?", array(
<hr>
<div class="form-group">
<div class="col-sm-12">
<textarea class="form-control" rows="6" name="notes" id="device-notes"><?php echo htmlentities($data['notes']); ?></textarea>
<textarea class="form-control" rows="6" name="notes" id="device-notes" <?php echo $disabled; ?>><?php echo htmlentities($data['notes']); ?></textarea>
</div>
</div>
<div class="row">
<div class="col-md-1 col-md-offset-5">
<?php
echo '
<button type="submit" name="btn-update-notes" id="btn-update-notes" class="btn btn-default" data-device_id="' . $device['device_id'] . '"><i class="fa fa-check"></i> Save</button>
<button type="submit" name="btn-update-notes" id="btn-update-notes" class="btn btn-default ' . $disabled . '" data-device_id="' . $device['device_id'] . '"><i class="fa fa-check"></i> Save</button>
';
?>
</div>
@@ -43,9 +49,13 @@ $("[name='btn-update-notes']").on('click', function(event) {
type: 'POST',
url: 'ajax_form.php',
data: { type: "update-notes", notes: notes, device_id: device_id},
dataType: "html",
dataType: "json",
success: function(data){
toastr.success('Saved');
if (data.status == "error") {
toastr.error(data.message);
} else {
toastr.success('Saved');
}
},
error:function(){
toastr.error('Error');
@@ -53,3 +63,7 @@ $("[name='btn-update-notes']").on('click', function(event) {
});
});
</script>
<?php
unset($disabled);
?>